<?php
error_reporting(0);
DEFINE('V2EX_BABEL', 1);

require ('core/Settings.php');
require ('core/Utilities.php');

mysql_connect(BABEL_DB_HOSTNAME,BABEL_DB_USERNAME,BABEL_DB_PASSWORD);
mysql_select_db(BABEL_DB_SCHEMATA);
mysql_query("SET NAMES utf8");
mysql_query("SET CHARACTER SET utf8");
mysql_query("SET COLLATION_CONNECTION='utf8_general_ci'");

$p=new Page();
$p->header();
$i=null;

function is_manager(){
	//$ret=false;  
	session_start();
	$sql="SELECT usr_id FROM babel_user WHERE usr_email='".$_SESSION['babel_usr_email']."'";
	$rs=mysql_query($sql);
	if($row=mysql_fetch_array($rs,MYSQL_ASSOC)){
		if($row['usr_id'] == '1'){
			$ret=true;
		}
	}
	mysql_free_result($rs);
	return $ret;
}

function get_num($pid,$cat) {
	if ($cat == 'nod') {
		$table = "babel_node";
		$code = "nod_pid";
	} else {
		if ($cat == 'chl'){
			$table = "babel_channel";
			$code = "chl_pid";
		} else {
			$table = "babel_related";
			$code = "rlt_pid";		
		}
	}
	$total='none';
	$sql="SELECT * from " . $table . " where " . $code . "='". @intval($pid) ."'";
	$rs=mysql_query($sql);
	if (mysql_num_rows($rs) > 0){
		$total=mysql_num_rows($rs);
	}
	mysql_freeresult($rs);
	return $total;
}

function get_title($id){
	$sql="SELECT nod_title FROM babel_node WHERE nod_id='$id' LIMIT 1";
	$rs=mysql_query($sql);
	if($row=mysql_fetch_array($rs,MYSQL_ASSOC)){
	$stitle=$row['nod_title'];
	}
	mysql_free_result($rs);	
	return $stitle;
}

function get_ptitle($id){
	$sql="SELECT nod_title FROM babel_node WHERE nod_id=(SELECT nod_pid FROM babel_node WHERE nod_id='$id' LIMIT 1) LIMIT 1";
	$rs=mysql_query($sql);
	if($row=mysql_fetch_array($rs,MYSQL_ASSOC)){
	$stitle=$row['nod_title'];
	}
	mysql_free_result($rs);		
	return $stitle;
}

function get_pid($id){
	$sql="SELECT nod_pid FROM babel_node WHERE nod_id='$id' LIMIT 1";
	$rs=mysql_query($sql);
	if($row=mysql_fetch_array($rs,MYSQL_ASSOC)){
	$stitle=$row['nod_pid'];
	}
	mysql_free_result($rs);		
	return $stitle;
}

function return_channel($id,$cat) {
	if ($cat == 'related'){
		$table = 'babel_related';
		$word = 'related';
		$prefix = 'rlt';
	} else {
		$table = 'babel_channel';
		$word = 'channel';
		$prefix = 'chl';	
	}
	$o = '';	
	$sql="SELECT * FROM $table WHERE ".$prefix."_pid='$id'";
	$rs=mysql_query($sql);
	if (mysql_num_rows($rs) > 0){
		$o .= '<br />' . $word . ': ';
	}
	$id=1;
	while ($row=mysql_fetch_array($rs,MYSQL_BOTH)){
		$o .= " <font class='num'>$id.</font><a href='/manage/".$word."/edit/$row[0]'>$row[2]</a> <a href='/manage/".$word."/delete/$row[0]' class='del'>Del</a> ...";
		$id=$id+1;
	}
	mysql_free_result($rs);	
	return $o;
}

function valid_textnos($theinput){
	if (strlen($theinput)<1){
		return false;
	} else {
		return ereg ("^[a-z0-9]+$", $theinput );
	}
}

function valid_number($theinput){
	return is_numeric($theinput);
}

function get_boards_link() {
	$stitle="";
	$sql="SELECT nod_id,nod_title FROM babel_node WHERE nod_level='1'";
	$rs=mysql_query($sql);
	while ($row=mysql_fetch_array($rs,MYSQL_ASSOC)){
	$stitle.="<a href='/manage/board/list/" . $row['nod_id'] . "'>" . $row['nod_title'] . "</a>";
	}
	mysql_free_result($rs);	
	return $stitle;
}

if(!is_manager()){
	die ("你在一个你不应该到达的地方，停止你的任何无意义的尝试吧");
}

if (isset($_GET['class']) && isset($_GET['method'])) {
	$c = strtolower(trim($_GET['class']));
	$m = strtolower(trim($_GET['method']));
} else {
	die("你在一个你不应该到达的地方，停止你的任何无意义的尝试吧");
}

class Page {
	public function header() {
		echo "
		<html>
			<head>
				<title>Babel Manage</title>
				<meta http-equiv='content-type' content='text/html;charset=utf-8'>
				<style>
					html { height: 100%; }
					body {background: #111; height: 100%; color: #EEE; font: 74% Verdana, Arial, sans-serif; margin: 0; padding: 0;}
					#wrapper {min-height: 100%;}
					*html #wrapper {height: 100%;}			
					a {color: #BBB;}
					span { padding:5px 20px; margin-left: 10px; }
					#header { text-align: center; color: #BBB; height: 28px; background: #333; border-bottom: 1px solid #666; }
					.menu a { font-size: 1.1em;	font-weight: bold;	color: #BBB; border-top: 3px solid #94bb00; text-decoration: none; line-height: 26px; margin: 0; padding: 0 6px; float: left; }
					.menu a:hover { color: #94bb00; text-decoration: none; height: 25px; border-top: 3px solid #fff; background: #444; }
					#contenter { padding-bottom:30px; }
					#contenter:after { clear: both; display: block; font: 1px/0px serif; content: "."; height: 0; visibility: hidden;}
					.manage, li { margin:8px; padding:8px; line-height: 25px; background: #333; border-top: 1px solid #555; border-left: 1px solid #555; border-bottom: 1px solid #222; border-right: 1px solid #222; -moz-border-radius: 7px; -webkit-border-radius: 7px; }
					li:hover {	background: #363636; }
					li a { color: #BBB; padding: 3px 8px 3px 8px; text-decoration: none; background: #222; }
					li a:hover { color: #94bb00; background: #444; text-decoration: none; } 
					#title a { 	font-size:1.3em; }
					#title span a { font-size: 1em; color:#94bb00; }
					#title span a:hover { color: #DDD; }
					#footer {	text-align: center; height: 11px; padding: 8px 0 5px 0; background: #333; border-top: 3px solid #222; border-bottom: 3px solid #222; margin: -30px auto 0;}
					#footer p { margin: 0; padding: 0; color: #666; line-height: 11px; }
					#footer p span { font-size: 0.8em; color: #666; }
					#footer p strong { color: #0085DA; }
					.del { font-size:0.8em !important; color: #f39 !important; }
					.num { color: #0085DA; }
					.des { color: #0085DA !important; }
					.on { margin-left:15px !important; color:#94bb00 !important; border-top: 3px solid #fff !important; }
				</style>
			</head>
			<body>
		";
	}	
	public function nav($node) {
		$pid=@intval($_GET['pid']);
		echo "
			<div id='wrapper'>
			<div id='header'>
				<div class='menu'> 
					<a href='/'>Home</a>
					<a href='/manage.vx'>Sections</a> 
					" . get_boards_link() . "
					<a href='/manage/channel/list'>Channels</a> 
					<a href='/manage/related/list'>Related Sites</a> 
		";
		switch ($node){
			case 'board':
				echo "<a href='/manage/board/add/$pid' class='on'>New Board</a><a class='on'>" . get_title($pid) . "</a>";
				break;
			case 'section':
				echo "<a href='/manage/section/add' class='on'>New Section</a><a class='on'>" . get_title(1) . "</a>";
				break;
			case 'channel':
				if ($node == 'channel' && $pid == "") {
					echo "<a href='/manage/channel/add' class='on'>New Channel</a><a class='on'>Channels</a>";
				} else {
					echo "<a href='/manage/channel/add/$pid' class='on'>New Channel</a><a class='on'>Channels AT ".get_title($pid)."</a>";
				}	
				break;
			case 'related':
				if ($node == 'related' && $pid == "") {
					echo "<a href='/manage/related/add' class='on'>New Related</a><a class='on'>Related Sites</a>";
				} else {
					echo "<a href='/manage/related/add/$pid' class='on'>New Related</a><a class='on'>Related Sites AT ".get_title($pid)."</a>";
				}	
				break;
			default:
				die ("你在一个你不应该到达的地方，停止你的任何无意义的尝试吧");
		}
		echo "
			</div>
		</div>	
		";
	}
	public function footer() {
		echo "
				</div>
				<div id='footer'>
					<p><a href='http://code.google.com/p/babelman/'><strong>Project Babel Manage</strong></a> FOR <a href='http://www.v2ex.com'><strong>BABEL</strong></a><span>Write by Adult | Rebuild by ihao | Powerd by V2EX</span></p>
				</div>
			</body>
		</html>
		";
	}
}

class Channel {
	var $vx;
	var $vxtable;
	var $vxword;
	var $vxprefix;
	function __construct($table){
		$this->vx = $table;
		switch ($this->vx){
			case 'channel':
				$this->vxtable = 'babel_channel';
				$this->vxword = 'channel';
				$this->vxprefix = 'chl';
				break;
			case 'related':
				$this->vxtable = 'babel_related';
				$this->vxword = 'related';
				$this->vxprefix = 'rlt';
				break;
			default:
				die ("你在一个你不应该到达的地方，停止你的任何无意义的尝试吧");
			}
	}
	public function list1(){
		$pid=@intval($_GET['pid']);
		if ($pid == "") {
			$sql="SELECT * FROM $this->vxtable";
		} else {
			$sql="SELECT * FROM $this->vxtable WHERE ".$this->vxprefix ."_pid='$pid'";
		}
		$rs=mysql_query($sql);
		echo "<div id='contenter'><ol>";
		while ($row=mysql_fetch_array($rs,MYSQL_BOTH)){
			if ($this->vx == 'channel'){
				$viewpath="/".$this->vxword."/view/$row[0].html";
			} else {
				$viewpath=$row[3];
			}
			echo "
			<li>
				<div id='title'>
					<a href='$viewpath'><strong>$row[2]</strong></a>
					<span>
					<a href='/manage/".$this->vxword."/edit/$row[0]'>Edit</a>
					<a href='/manage/".$this->vxword."/delete/$row[0]' class='del'>Delete</a>
					</span>
				</div>
				<span><a>$row[2]</a> is belong to <a href='/manage/board/edit/$row[1]'><font class='des'>" . get_title($row[1]) . "</font></a> board at <a href='/manage/section/edit/".get_pid($row[1])."'><font class='des'>" . get_ptitle($row[1]) . "</font></a> Section</span>
			</li>
			";
		}
		echo "</ol></div>";
		mysql_free_result($rs);	
	}
	public function add(){
		$post_to="/manage/$this->vxword/add";
		if (@intval($_GET['pid']) == "") {
			$pid=@intval($_POST[''.$this->vxprefix.'_pid']);
		} else {
			$pid=@intval($_GET['pid']);
			$post_to .= "/". $pid;
		}
		$errors=null;
		$title=$url=$created=null;
		if (isset($_POST[''.$this->vxprefix.'_url']) && $pid>0){ //validate
			if (strlen($url=@$_POST[''.$this->vxprefix.'_url'])<1){
				$errors[''.$this->vxprefix.'_url']="Url not valid.";
			}
			if (strlen($title=@$_POST[''.$this->vxprefix.'_title'])<1){
				$errors[''.$this->vxprefix.'_title']="Title not valid.";
			}
			if (!$errors){ //insert
				$created=time();
				$sql="INSERT INTO 
					  $this->vxtable(".$this->vxprefix ."_pid,".$this->vxprefix ."_title,".$this->vxprefix ."_url,".$this->vxprefix ."_created) 
	  				  VALUES('$pid','$title','$url','$created')";
			  	mysql_query($sql);
				header("location: /manage/".$this->vxword."/list");
				return;
			}
		}
		$sql="SELECT nod_id,nod_title FROM babel_node WHERE nod_level=2";
		$rs=mysql_query($sql);
		$select_board="Belong to: <br><select name='".$this->vxprefix ."_pid'>";
		while($row=mysql_fetch_array($rs,MYSQL_ASSOC)){
			if($pid==$row['nod_id']){
				$check=" selected";
			} else {
				$check="";
			}
			$select_board.="<option value='$row[nod_id]'$check>$row[nod_title]</option>";
		}
		$select_board.="</select><br />";
		mysql_free_result($rs);

		echo "
		<div id='contenter'>
		<div class='manage'>
		<strong>Add:</strong>
		<form action='$post_to' method='post'>
		New ".$this->vxword ." title(Chinese is ok): <br>
		<input type='text' name='".$this->vxprefix ."_title' value='$title'><font color='red'>".@$errors[''.$this->vxprefix .'_title']."</font><br>
		New ".$this->vxword ." url: <br>
		<input type='text' name='".$this->vxprefix ."_url' value='$url'><font color='red'>".@$errors[''.$this->vxprefix .'_url']."</font><br>
		$select_board
		<input type='submit' value='Save'>
		</form>
		</div>
		</div>
		";
	}
	public function edit(){
		$id=@intval($_GET['id']);
		$errors=null;
		$title=$pid=$url=null;
				
		if (isset($_POST[''.$this->vxprefix.'_url']) && $id>0){ //validate
			if (strlen($url=@$_POST[''.$this->vxprefix.'_url'])<1){
				$errors[''.$this->vxprefix.'_url']="URL not valid.";
			}
			if (strlen($title=@$_POST[''.$this->vxprefix.'_title'])<1){
				$errors[''.$this->vxprefix.'_title']="Title not valid.";
			}
			$pid=@intval($_POST[''.$this->vxprefix.'_pid']);
			if (!$errors){ //update
				$sql="UPDATE $this->vxtable SET ".$this->vxprefix ."_title='$title',".$this->vxprefix ."_pid='$pid',".$this->vxprefix ."_url='$url'		  WHERE ".$this->vxprefix ."_id='$id' LIMIT 1";
				mysql_query($sql);
				header("location: /manage/".$this->vxword."/list/$pid");
				return;
			}
		} else if ($id>0) {
			$sql="SELECT * FROM $this->vxtable WHERE ".$this->vxprefix ."_id='$id' LIMIT 1";
			$rs=mysql_query($sql);
			if ($row = mysql_fetch_array($rs,MYSQL_BOTH)){
				$title=$row[2];
				$pid=$row[1];
				$url=$row[3];
			}
			mysql_free_result($rs);
		}
						
		$sql="SELECT nod_id,nod_title FROM babel_node WHERE nod_level=2";
		$rs=mysql_query($sql);
		$pid_html="Board Section:<br><select name='".$this->vxprefix ."_pid'>";
		while($row=mysql_fetch_array($rs,MYSQL_ASSOC)){
			if($pid==$row['nod_id']){
				$check=" selected";
			} else {
				$check="";
			}
			$pid_html.="<option value='$row[nod_id]'$check>$row[nod_title]</option>";
		}
		$pid_html.="</select>";
		mysql_free_result($rs);
				
		echo "
		<div id='contenter'>
		<div class='manage'>
		<strong>Edit:</strong>
		<form action='/manage/".$this->vxword."/edit/$id' method='post'>
		".$this->vxword." title(Chinese is ok): <font color='red'>".@$errors[''.$this->vxprefix.'_title']."</font><br>
		<input type='text' name='".$this->vxprefix ."_title' value='$title'><br>
		".$this->vxword." URL: <font color='red'>".@$errors[''.$this->vxprefix.'_url']."</font><br>
		<input type='text' name='".$this->vxprefix ."_url' value='$url'><br>
		$pid_html<br>
		<input type='submit' value='Save'>
		</form>
		</div>
		</div>
		";
	}
	public function delete1(){
		$id=@$_GET['id'];	
		//get the parent id
		$pid="";
		$list_url="";
		$sql="SELECT nod_pid FROM babel_node WHERE nod_id='".@intval($id)."'";
		$rs=mysql_query($sql);
		if($row=mysql_fetch_array($rs,MYSQL_ASSOC)){
			$pid=@intval($row['nod_pid']);
			$list_url="/$pid";
		}
		mysql_free_result($rs);
		if (substr($id,-3)=='del'){
			$id=@intval($id);
								
			if($id>0){
				$sql="DELETE FROM $this->vxtable WHERE ".$this->vxprefix."_id='$id'";
				mysql_query($sql);
			}
			header("location: /manage.vx");
		} else {
			echo "
			<div id='contenter'>
			<div class='manage'>
				<a class='del'>Are you sure to delete?</a><br>
				[ <a href='/manage/".$this->vxword."/delete/{$id}del'>Yes</a> ] [ <a href='/manage.vx'>No</a> ] 
			</div>
			</div>
			";
		}
	}
}

class Board {
	public function list1(){
		$pid=@intval($_GET['pid']);
		
		$sql="SELECT * FROM babel_node WHERE nod_pid='$pid' and nod_level='2'";
		$rs=mysql_query($sql);
		echo "<div id='contenter'><ol>";
		while ($row=mysql_fetch_array($rs,MYSQL_ASSOC)){
			echo "
			<li>
				<div id='title'>
					<a href='/go/$row[nod_name]'><strong>$row[nod_title]</strong></a>
					<span>
					<a href='/manage/board/edit/$row[nod_id]'>Edit</a>
					<a href='/manage/board/delete/$row[nod_id]' class='del'>Delete</a>
					<a href='/manage/channel/add/$row[nod_id]''>Add Channel</a>
					<a href='/manage/related/add/$row[nod_id]''>Add Related Site</a>
					</span>
				</div>
				<span>Description: <a href='/go/$row[nod_name]'>$row[nod_title]</a> has <font class='num'>$row[nod_topics]</font> topics ... <font class='num'>$row[nod_favs]</font> favs ... <a href='/manage/channel/list/" . $row[nod_id] . "'><font class='num'>" . get_num($row[nod_id],'chl') . "</font> Channels</a> ... <a href='/manage/related/list/" . $row[nod_id] . "'><font class='num'>" . get_num($row[nod_id],'rlt') . "</font> Related Site</a> ... " . return_channel($row[nod_id]) . "" . return_channel($row[nod_id],'related') . "</span>
			</li>
			";
		}
		echo "</ol></div>";
		mysql_free_result($rs);	
	}
	public function add(){
		$pid=@intval($_GET['pid']);
		$errors=null;
		$name=$title=$description=$header=$footer=null;
		if (isset($_POST['nod_name']) && $pid>0){ //validate
			if (!valid_textnos(strip_tags($name=@$_POST['nod_name']))){
				$errors['nod_name']="Name not valid.";
			}
			if (strlen($title=@$_POST['nod_title'])<1){
				$errors['nod_title']="Title not valid.";
			}
			$description=strip_tags(@$_POST['nod_description']);
			$header=strip_tags(@$_POST['nod_header']);
			$footer=strip_tags(@$_POST['nod_footer']);
			$created=time();
			if (!$errors){ //insert
				$sql="INSERT INTO 
					  babel_node(nod_pid,nod_uid,nod_sid,nod_level,nod_name,nod_title,nod_description,nod_header,nod_footer,nod_created) 
	  				  VALUES('$pid',1,'$pid',2,'$name','$title','$description','$header','$footer','$created')";
			  	mysql_query($sql);
				header("location: /manage/board/list/$pid");
				return;
			}
		}

		echo "
		<div id='contenter'>
		<div class='manage'>
		<strong>Add:</strong>
		<form action='/manage/board/add/$pid' method='post'>
		Board name(English): <br>
		<input type='text' name='nod_name' value='$name' /><font color='red'>".@$errors['nod_name']."</font><br>
		Board title(Chinese is ok): <br>
		<input type='text' name='nod_title' value='$title' /><font color='red'>".@$errors['nod_title']."</font><br>
		Board description(Chinese is ok): <br>
		<input type='text' name='nod_description' value='$description' /><font color='red'>".@$errors['nod_description']."</font><br>
		Board header(Chinese is ok): <br>
		<input type='text' size='80' name='nod_header' value='$header' /><font color='red'>".@$errors['nod_header']."</font><br>
		Board footer(Chinese is ok): <br>
		<input type='text' size='80' name='nod_footer' value='$footer' /><font color='red'>".@$errors['nod_footer']."</font><br>
		<input type='submit' value='Save'>
		</form>
		</div>
		</div>
		";
	}
	public function edit(){
		$id=@intval($_GET['id']);
		$errors=null;
		$name=$title=$pid=$description=$header=$footer=null;
				
		if (isset($_POST['nod_name']) && $id>0){ //validate
			if (!valid_textnos(strip_tags($name=@$_POST['nod_name']))){
				$errors['nod_name']="Name not valid.";
			}
			if (strlen($title=@$_POST['nod_title'])<1){
				$errors['nod_title']="Title not valid.";
			}
			$description=strip_tags(@$_POST['nod_description']);
			$header=strip_tags(@$_POST['nod_header']);
			$footer=strip_tags(@$_POST['nod_footer']);
			$lastupdated=time();
			$pid=@intval($_POST['nod_pid']);
			if (!$errors){ //update
				$sql="UPDATE babel_node SET nod_name='$name',nod_title='$title',nod_pid='$pid',nod_sid='$pid',nod_description='$description',nod_header='$header',nod_footer='$footer',nod_lastupdated='$lastupdated'		  WHERE nod_id='$id' LIMIT 1";
				mysql_query($sql);
				header("location: /manage/board/list/$pid");
				return;
			}
		} else if ($id>0) {
			$sql="SELECT * FROM babel_node WHERE nod_id='$id' LIMIT 1";
			$rs=mysql_query($sql);
			if ($row = mysql_fetch_array($rs,MYSQL_ASSOC)){
				$name=$row['nod_name'];
				$title=$row['nod_title'];
				$pid=$row['nod_pid'];
				$description=$row['nod_description'];
				$header=$row['nod_header'];
				$footer=$row['nod_footer'];
			}
			mysql_free_result($rs);
		}
						
		$sql="SELECT nod_id,nod_title FROM babel_node WHERE nod_level=1";
		$rs=mysql_query($sql);
		$pid_html="Board Section:<br><select name='nod_pid'>";
		while($row=mysql_fetch_array($rs,MYSQL_ASSOC)){
			if($pid==$row['nod_id']){
				$check=" selected";
			} else {
				$check="";
			}
			$pid_html.="<option value='$row[nod_id]'$check>$row[nod_title]</option>";
		}
		$pid_html.="</select>";
		mysql_free_result($rs);
				
		echo "
		<div id='contenter'>
		<div class='manage'>
		<strong>Edit:</strong>
		<form action='/manage/board/edit/$id' method='post'>
		Board name(English): <font color='red'>".@$errors['nod_name']."</font><br>
		<input type='text' name='nod_name' value='$name'><br>
		Board title(Chinese is ok): <font color='red'>".@$errors['nod_title']."</font><br>
		<input type='text' name='nod_title' value='$title'><br>
		Board description(Chinese is ok): <font color='red'>".@$errors['nod_description']."</font><br>
		<input type='text' name='nod_description' value='$description'><br>
		Board header(Chinese is ok): <font color='red'>".@$errors['nod_header']."</font><br>
		<input type='text' size='80' name='nod_header' value='$header'><br>
		Board footer(Chinese is ok): <font color='red'>".@$errors['nod_footer']."</font><br>
		<input type='text' size='80' name='nod_footer' value='$footer'><br>
		$pid_html<br>
		<input type='submit' value='Save'>
		</form>
		</div>
		</div>
		";
	}
	public function delete1(){
		$id=@$_GET['id'];	
		//get the parent id
		$pid=2;
		$sql="SELECT nod_pid FROM babel_node WHERE nod_id='".@intval($id)."'";
		$rs=mysql_query($sql);
		if($row=mysql_fetch_array($rs,MYSQL_ASSOC)){
			$pid=@intval($row['nod_pid']);
		}
		mysql_free_result($rs);
			
		if (substr($id,-3)=='del'){
			$id=@intval($id);
			if($id>1){
				$sql="DELETE FROM babel_node WHERE nod_id='$id'";
				mysql_query($sql);
			}
			header("location: /manage/board/list/$pid");
		} else {
			echo "
			<div id='contenter'>
			<div class='manage'>
				<a class='del'>Are you sure to delete?</a><br>
				[ <a href='/manage/board/delete/{$id}del'>Yes</a> ] [ <a href='/manage/board/list/$pid'>No</a> ] 
			</div>
			</div>
			";
		}
	}
}

class Section {
	public function list1(){
		$sql="SELECT * FROM babel_node WHERE nod_level='1' ORDER BY nod_weight DESC";
		$rs=mysql_query($sql);
		echo "<div id='contenter'><ol>";
		//echo "<tr><td>Section name</td><td>Manage</td><td>Description</td></tr>";
		while ($row=mysql_fetch_array($rs,MYSQL_ASSOC)){
			echo "
			<li>
				<div id='title'>
					<a href='/manage/board/list/$row[nod_id]'><strong>$row[nod_title]</strong></a>
					<span>
						<a href='/manage/section/edit/$row[nod_id]'>Edit</a>
						<a href='/manage/section/delete/$row[nod_id]' class='del'>Delete</a>
					</span>
				</div>
				<span>This Section has <font class='num'>" . get_num($row[nod_id],'nod') . "</font> Boards</span>
			</li>
			";
		}
		echo "</ol></div>";
		mysql_free_result($rs);
	}
	public function add(){
		$errors=null;
		$name=$title=$weight=null;
		if (isset($_POST['nod_name'])){ //validate
			if (!valid_textnos($name=@$_POST['nod_name'])){
			$errors['nod_name']="Name not valid.";
			}
			if (strlen($title=@$_POST['nod_title'])<1){
			$errors['nod_title']="Title not valid.";
			}
			if (!valid_number($weight=@intval($_POST['nod_weight'])) || $weight==0){
			$errors['nod_weight']="Weight not valid.";
			}
			$created=time();
			if (!$errors){ //insert
			$sql="INSERT INTO 
				  babel_node(nod_pid,nod_uid,nod_sid,nod_level,nod_name,nod_title,nod_weight,nod_created) 
				  VALUES(1,1,5,1,'$name','$title','$weight','$created')";
			mysql_query($sql);
			header("location: /manage/section/list");
			return;
			}
		}
			
		echo "
		<div id='contenter'>
		<div class='manage'>
		<strong>Add:</strong>
		<form action='/manage/section/add' method='post'>
			Section name(English): <font color='red'>".@$errors['nod_name']."</font><br>
			<input type='text' name='nod_name' value='$name'><br>
			Section title(Chinese is ok): <font color='red'>".@$errors['nod_title']."</font><br>
			<input type='text' name='nod_title' value='$title'><br>
			Section weight(Number): <font color='red'>".@$errors['nod_weight']."</font><br>
			<input type='text' name='nod_weight' value='$weight'><br>
			<input type='submit' value='Save'>
		</form>
		</div>
		</div>
		";
	}
	public function edit(){
		$id=@intval($_GET['id']);
		$errors=null;
		$name=$title=$weight=null;
		
		if (isset($_POST['nod_name']) && $id>0){ //validate
			if (!valid_textnos($name=@$_POST['nod_name'])){
			$errors['nod_name']="Name not valid.";
			}
			if (strlen($title=@$_POST['nod_title'])<1){
			$errors['nod_title']="Title not valid.";
			}
			if (!valid_number($weight=@intval($_POST['nod_weight'])) || $weight==0){
			$errors['nod_weight']="Weight not valid.";
			}
			$lastupdated=time();
			if (!$errors){ //update
			$sql="UPDATE babel_node SET nod_name='$name',nod_title='$title',nod_weight='$weight',nod_lastupdated='$lastupdated' 
				 WHERE nod_id='$id' LIMIT 1";
			mysql_query($sql);
			header("location: /manage/section/list");
			return;
			}
		} else if ($id>0) {
			$sql="SELECT * FROM babel_node where nod_id='$id' LIMIT 1";
			$rs=mysql_query($sql);
			if ($row = mysql_fetch_array($rs,MYSQL_ASSOC)){
			$name=$row['nod_name'];
			$title=$row['nod_title'];
			$weight=$row['nod_weight'];
			}
			mysql_free_result($rs);
		}
			
		echo "
		<div id='contenter'>
		<div class='manage'>
		<strong>Edit:</strong>
		<form action='/manage/section/edit/$id' method='post'>
			Section name(English): <font color='red'>".@$errors['nod_name']."</font><br>
			<input type='text' name='nod_name' value='$name'><br>
			Section title(Chinese is ok): <font color='red'>".@$errors['nod_title']."</font><br>
			<input type='text' name='nod_title' value='$title'><br>
			Section weight(Number): <font color='red'>".@$errors['nod_weight']."</font><br>
			<input type='text' name='nod_weight' value='$weight'><br>
			<input type='submit' value='Save'>
		</form>
		</div>
		</div>
		";
	}	
	public function delete1(){
		$id=@$_GET['id'];
		if (substr($id,-3)=='del'){
			$id=@intval($id);
			if($id>1){
			$sql="DELETE FROM babel_node WHERE nod_id='$id'";
			mysql_query($sql);
			}
			header("location: /manage/section/list");
		} else {
			echo "
		<div id='contenter'>
		<div class='manage'>
			<a class='del'>Are you sure to delete?</a><br>
			[ <a href='/manage/section/delete/{$id}del'>Yes</a> ] [ <a href='/manage.vx'>No</a> ] 
		</div>
		</div>
			";
		}
	}
}

switch ($c){
	case 'channel':
		$p->nav('channel');
		$i=new Channel('channel');
		break;
	case 'related':
		$p->nav('related');
		$i=new Channel('related');
		break;
	case 'board':
		$p->nav('board');
		$i=new Board();
		break;
	case 'section':
		$p->nav('section');
		$i=new Section();
		break;
	default:
		die ("你在一个你不应该到达的地方，停止你的任何无意义的尝试吧");
}

switch ($m){
	case 'list':
		$i->list1();
		break;
	case 'add':
		$i->add();
		break;
	case 'edit':
		$i->edit();
		break;
	case 'delete':
		$i->delete1();
		break;
	default:
		die("你在一个你不应该到达的地方，停止你的任何无意义的尝试吧");
}

$p->footer();
?>
